A heap out-of-bounds read vulnerability exists in the Perl Socket module before version 2.041, which could allow an attacker to read memory beyond intended boundaries. This type of flaw can lead to information disclosure or, in certain conditions, contribute to further exploitation. Although categorised under Azure, the underlying issue affects the Perl Socket library used across many environments including cloud workloads.

Security Architect’s Take: Audit any Azure workloads, containers, or pipelines running Perl and ensure the Socket module is updated to version 2.041 or later. Pay particular attention to serverless functions, Azure Kubernetes Service pods, and CI/CD build environments where Perl may be a transitive dependency.

Original advisory: CVE-2026-12087 Socket versions before 2.041 for Perl have an out-of-bounds heap read